H3C LS-3100-52P-OVS-H3 Operation Manual - page 1587
7-4
Network diagram
Figure 7-1 Network diagram for controlling Telnet users using ACLs
Switch
10.110.100.46
Host A
IP network
Host B
10.110.100.52
Configuration procedure
# Define a basic ACL.
[H3C] acl number 2000 match-order config
[H3C-acl-basic-2000] rule 1 permit source 10.110.100.52 0
[H3C-acl-basic-2000] rule 2 permit source 10.110.100.46 0
[H3C-acl-basic-2000] rule 3 deny source any
[H3C-acl-basic-2000] quit
# Apply the ACL.
[H3C] user-interface vty 0 4
[H3C-ui-vty0-4] acl 2000 inbound
Controlling Network Management Users by Source IP Addresses
You can manage a H3C S5500-EI series Ethernet switch through network management software.
Network management users can access switches through SNMP.
You need to perform the following two operations to control network management users by source IP
addresses.
z
Defining an ACL
z
Applying the ACL to control users accessing the switch through SNMP
Prerequisites
The controlling policy against network management users is determined, including the source IP
addresses to be controlled and the controlling actions (permitting or denying).